sophos

Massive worm hits Tumblr, spams big blogs like USA Today

A massive bug swept Tumblr today and infected some of the biggest blogs -- including USA Today, Reuters, The Verge, and CNET -- until Tumblr resolved the issue shortly before 10:30 a.m. PT.

GNAA, a hacker group, claimed responsibility for the attack. The group's Twitter profile earlier today said 8,600 unique Tumblr users were affected.

Tumblr didn't explain what happened but said in a blog post that no accounts were compromised, and users didn't need to take any further action.

"Our sincere apologies for the inconvenience," the company said. "As always, … Read more

Free antivirus and malware scanner from a trusted name

Sophos Anti-Virus for Mac Home Edition is a simple-to-use antivirus and malware product for the Mac. Based on the Sophos antivirus line, Sophos Anti-Virus for Mac Home Edition is free and designed for those who need coverage on their Macs, but don't want to spend a lot of time and money. Sophos Anti-Virus for Mac Home Edition is a download from the publisher, not available in the App Store when we tested.

Sophos Anti-Virus for Mac Home Edition lets you tailor the way it behaves to some extent. It can work quietly in the background, taking care of most … Read more

India is world leader in spam output

India has surpassed the U.S. and taken the lead as the greatest spam-sending country in the world. One out of every six junk messages that litter users' e-mail inboxes is coming from India, according to a new report from SophosLabs.

The security vendor's third-quarter "Dirty Dozen" report of spam-relaying countries found that India upped its percentage of global spam for the third quarter in a row and now accounts for more than 16 percent of all junk e-mails.

What is important to note, however, is that this spam doesn't necessarily come directly from India's … Read more

Iranian and Syrian dissidents targeted by spyware

Web users in Iran and Syria attempting to use a proxy tool to freely surf the Internet are reportedly being tracked by a new Trojan.

The proxy software known as Simurgh is used by many Iranian and Syrian citizens to make it seem as if their secure Internet connections are coming from a different country. Such proxy programs are common ways to mask a user's PC and Internet information in order to circumvent local censorship restrictions.

But a back-doored version of Simurgh discovered by researchers at the University of Toronto is carrying a payload of malware -- one designed … Read more

One in five Macs 'infected' with malware is inaccurate

Recently security company Sophos released a report that claims one in five Mac systems has malware on it, after receiving data from about 100,000 snapshots of systems that have installed its free Mac anti-virus software. The analysis of these snapshots suggests that 20 percent of Mac systems have at least one instance of malware on them.

This may sound concerning, especially in the face of the Flashback malware and other recent news of threats on OS X; however, do not read this as a new development regarding new malware on the Mac. The malware in this finding that makes … Read more

Revir malware for OS X undergoes revision

Recently a new PDF-based malware threat for OS X was discovered that displays a Chinese PDF file while it installs and runs its malicious code in the background. While the initial version of this malware (OSX/Revir.A) was detected over a week ago, the criminals developing the code are busy revising and refining it, and over the weekend a variant has been identified (OSX/Revir.B). As with all malware, new versions of these threats are likely to surface in the future, and as they do, expect malware detection utilities (including Apple's XProtect) to follow close behind and … Read more

Sophos tackles new BlackHole RAT malware variant for OS X

Back in February of this year a malware utility called BlackHole, or MusMinim by security company Sophos, was found for OS X. BlackHole is a backdoor server program RAT (Remote Access Tool) that runs on an infected system and allows a remote user to interact with the system by sending shutdown commands, displaying screen messages, opening URLs, and requesting usernames and passwords. In essence it is similar to a remote desktop utility, but is not distributed for productive purposes.

Unlike more recent malware attempts on OS X that try to keep hidden and steal information automatically, the BlackHole malware is … Read more

Security firm warns of new Twitter threat

Scammers are using compromised Twitter accounts to prey on unsuspecting victims, security firm Sophos said today.

According to Sophos, compromised Twitter accounts are sending out tweets and direct messages to followers, urging them to sign up for a site that will help them make money. One such message from an account reads, "I made $888 today check out how I made it." The message is followed by a link to a malicious site.

According to Sophos, the dollar amount in the tweets and messages can vary.

Sophos said that when people click on the included link, they are … Read more

Beware the bogus 'TimeSpentHere' Twitter app

A new rogue app is spreading on Twitter that purports to tell you how much time you have spent using the microblogging site, but instead tricks you into spreading the scam and appears to harvest e-mail addresses from victims, Sophos said today.

A typical message says: "WOW --> I have spent 38.1 hours on Twitter! See how much you have: [LINK]," according to a Sophos blog post on the scam.

"If you are curious enough to click on the link, which--of course--you might do, seeing as it will appear as if one of your Twitter … Read more

How to remove MacDefender fake antivirus program

A new malware infection has apparently been spreading relatively rapidly among Mac users, and it's unclear both how pervasive the infection is and whether Apple is addressing the problem. What is known, however, is how to get rid of it.

What is it? Most often called MacDefender, but also known as MacProtector and MacSecurity, this bit of malware is a socially engineered threat of a type that's more familiar to Windows users. It often starts with a Web advertisement that suckers you into downloading a rogue antivirus program, which purports to protect you. In fact, once installed it … Read more